diff --git a/templates/sshd_config.j2 b/templates/sshd_config.j2 index 09ccf05..1695959 100644 --- a/templates/sshd_config.j2 +++ b/templates/sshd_config.j2 @@ -15,26 +15,15 @@ Port {{ opensshd_port }} #ListenAddress 0.0.0.0 #ListenAddress :: -# The default requires explicit activation of protocol 1 -#Protocol 2 - -# HostKey for protocol version 1 -#HostKey /etc/ssh/ssh_host_key -# HostKeys for protocol version 2 #HostKey /etc/ssh/ssh_host_rsa_key #HostKey /etc/ssh/ssh_host_dsa_key #HostKey /etc/ssh/ssh_host_ecdsa_key #HostKey /etc/ssh/ssh_host_ed25519_key -# Lifetime and size of ephemeral version 1 server key -#KeyRegenerationInterval 1h -#ServerKeyBits 1024 - # Ciphers and keying #RekeyLimit default none # Logging -# obsoletes QuietMode and FascistLogging #SyslogFacility AUTH #LogLevel INFO @@ -46,7 +35,6 @@ PermitRootLogin {{ 'yes' if opensshd_permit_root_login | bool else 'no' }} #MaxAuthTries 6 #MaxSessions 10 -#RSAAuthentication yes #PubkeyAuthentication yes # The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2 @@ -62,11 +50,9 @@ PermitRootLogin {{ 'yes' if opensshd_permit_root_login | bool else 'no' }} AuthorizedKeysCommandUser {{ opensshd_authz_keys_cmd_user }} # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts -#RhostsRSAAuthentication no -# similar for protocol version 2 #HostbasedAuthentication no # Change to yes if you don't trust ~/.ssh/known_hosts for -# RhostsRSAAuthentication and HostbasedAuthentication +# HostbasedAuthentication #IgnoreUserKnownHosts no # Don't read the user's ~/.rhosts and ~/.shosts files #IgnoreRhosts yes @@ -110,7 +96,6 @@ PrintMotd no PrintLastLog no #TCPKeepAlive yes #UseLogin no -UsePrivilegeSeparation sandbox # Default for new installations. #PermitUserEnvironment no #Compression delayed #ClientAliveInterval 0 
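Review bot: Dropping the active `UsePrivilegeSeparation sandbox` line in the `-110,7` hunk is only neutral where the rendered file is read by OpenSSH 7.5 or later, which deprecated the option and made privilege separation mandatory. On older daemons the setting falls back to the compiled-in default, which I believe was plain `yes` without the pre-auth sandbox on the releases that shipped this line in their sample config. Nothing visible in the template guards on the sshd version, so if the role still targets older hosts, keep the directive behind a condition. Otherwise state the minimum supported OpenSSH version in the role's documentation. The earlier hunks in this file only remove comments for protocol 1 options and need no follow-up.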
@@ -138,7 +123,6 @@ Subsystem sftp /usr/lib64/misc/sftp-server # buffer size for hpn to non-hpn connections #HPNBufferSize 2048 - # allow the use of the none cipher #NoneEnabled no @@ -150,5 +134,4 @@ Subsystem sftp /usr/lib64/misc/sftp-server # ForceCommand cvs server # Allow client to pass locale environment variables #367017 -# Doesn't work well with OS X clients! -#AcceptEnv LANG LC_* +AcceptEnv LANG LC_*
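Review bot: The last hunk turns `AcceptEnv LANG LC_*` from a commented-out default into an active directive on every host rendered from this template, and it deletes the "Doesn't work well with OS X clients!" caveat without saying why it no longer applies. sshd_config(5) cautions that client-supplied environment variables can be used to bypass restricted user environments, and the `LC_*` wildcard admits any variable name with that prefix. That matters for accounts confined in the way the commented `ForceCommand cvs server` example in the context lines shows. Consider gating the line behind a role variable that defaults to off, in the style of `opensshd_permit_root_login`, for example `{% if opensshd_accept_env | default(false) | bool %}AcceptEnv LANG LC_*{% endif %}` (the variable name is a proposal, not an existing one). If it must stay on everywhere, record the reason in the commit message.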